Reconnaissance

The target virtual machine includes software that utilizes this vulnerable log4j package, offering me a playground to explore the vulnerability.

The vulnerable machine IP address is 10.10.75.171. So I use nmap on Kali Linux to start with basic recon.

1st Nmap scan

Initially I ran the scan with the verbose setting and specifying from ports 1-10000, this avoids nmap scanning all 65,000 ports. 3 open ports were discovered. 22 ssh, 111 rpcbind and 8983 unknown.

Following the unknown port I realized I needed to run another scan, this time looking for service and versions (-sV)

2nd Nmap scan

Now I can see the service running on port 8983 is Apache Solr

Last updated